1. Field of the Invention
The present invention relates to a certification technique whereby certification is performed within an organization such as an enterprise.
2. Description of the Related Art
In the case of using a public key cryptography method, assurance of the correspondence between a public key and the person himself is required. This assurance is called "certification". As a mechanism for providing this certification, there is the Certification Authority (hereinafter also called "CA"). The CA is a fair third party system for assuring the correspondence relation between the public key and the person himself, and it is widely used for certification. In this method, the CA issues, as a certificate, electronic data in which information indicating the correspondence between a certification target (a natural person or a legal person) and its public key is electronically signed using the private key of the CA. A third party who places its confidence in the CA confirms the contents (signature) of the certificate using the public key of the CA, whereby the third party accepts that the correspondence relation between an individual and the individual's public key is legitimate.
If the conventional CA is used within an enterprise, the following problems will occur:
(1) A fair third party is required as the manager of the CA. If such a management job is entrusted to an external third party organization, the essence of the internal security system would be held by that third party.
(2) Even if an attempt is made to provide a fair third party within the company, an employee of the company becomes the individual concerned (an individual to be certified). The enterprise also wishes to prevent a specific manager from holding the essence of the security system, and the manager does not wish to manage important information either (he is very likely to be suspected if a problem such as a leak arises).
(3) Within an enterprise, since activities are performed in units of groups, which are aggregates of individuals or of groups such as a department or a section, it is desirable to establish access rights, such as a read right for information, in units of groups. Accordingly, it becomes necessary to correctly certify the individuals or groups that are elements of a group, but the conventional CA has no such ability.
(4) In the CA, the fair third party identifies by some method that a person to be certified is the person himself, but since the CA's manager is generally not acquainted with the person to be certified, there is no method for the identification except one left to the CA's discretion among methods such as correspondence to a mail address, non-duplication of the name, and backing by a public certificate. Since there are such diverse methods, variations occur in the degree of reliability of the identification. Even if we rely on the public certificate, we are powerless against forged papers. Within the enterprise, an employee's identification card may serve as the public certificate, but it is costly for an applicant to meet the manager in person with his employee's identification card.
The present applicant has proposed a cryptography technique in units of groups (Japanese Published Unexamined Patent Application No. 11-015373). This technique adds information control in units of groups, that is, decryption and electronic signature, to the public key cryptography technique. In order to perform information control in units of groups, it is necessary to maintain the legitimacy of the membership of the group, because if an illegitimate member could be added, that member could use the rights given to the group. For this reason, Japanese Published Unexamined Patent Application No. 11-015373 provided the ability to legitimately change the group members. However, no certification ability is included in Japanese Published Unexamined Patent Application No. 11-015373; more specifically, it has no ability to assure the correspondence relation between an individual and its public key, or between a group and its public key.
Even among general CAs, there exist systems in which a plurality of CAs form a hierarchical structure. Concretely, a higher level CA places its electronic signature on information indicating the correspondence relation between its lower level CA and the lower level CA's public key. Thus, if the public key of the higher level CA is known, the electronically signed information indicating the public key of the lower level CA can be confirmed, whereby the public key of the lower level CA can also be correctly known. In this system, however, although a hierarchical structure is formed, a fair third party is still required. Also, since the CA is a service, it is difficult to bring a group into correspondence with a CA, and the group cannot be controlled. Further, the basis for the certification remains the same as before, and the degree of reliability varies.
The present invention has been achieved in consideration of the above-described state of affairs, and is aimed to provide a certification technique suitable for performing a certification in an organization such as an enterprise.
Hereinafter, the present invention will be described. The present invention enables the certification of individuals and organizations using the hierarchy of the organization. The responsible person of each group can be expected to know with certainty the other groups and individuals directly belonging to the group, and performs the certification on that basis. This has the following effects:
(1) The certification can be performed without necessitating the existence of any fair third party.
(2) Uniform and fair certification can be performed on the basis of the responsible person's acquaintance with the members of the group.
(3) Groups can be handled.
(4) The certification can be performed entirely in-house.
More specifically, in order to achieve the above-described object, a certification apparatus according to the present invention performs certification for individuals and groups in an organization constructed by hierarchically arranging groups, each having at least one individual or group as a constituent member, and is provided with: a confirmation process unit for confirming the certification target on the basis of communication between the responsible person of a group and a certification target belonging to the group; and a certificate generating unit for generating a certificate for the certification target by placing a signature, using the private key used by the responsible person of the group, on signature-target information including the public key of the certification target and specifying information on the certification target.
In this structure, the certification scheme is hierarchically constructed with the responsible person of each group as a nucleus, and therefore the effects (1) to (4) described above can be achieved.
In this structure, a unit for keeping the certificate may further be provided. Of course, the certificate may instead be sent to the user. Also, the signature-target information may further include specifying information on the group.
Also, a certificate having a group as its certification target may further include specifying information on each member of the group, and signature information comprising that specifying information signed by the private key of the responsible person of the group.
Also, the certificate having a group as its certification target may further include: a shared private key of the members of the group, encrypted by the respective public keys of the members of the group; a shared public key of the members of the group; and signature information comprising at least the members' encrypted shared private key, signed by the private key of the responsible person of the group.
Also, the private key used by the responsible person of the group, encrypted by the public key corresponding to the private key used by the responsible person of the group one level higher in the hierarchy, may further be included in the certificate. In this case, the private key used by the responsible person of the group may be set independently of the responsible person's individual private key, and the private key used by the responsible person of the group, encrypted by the individual public key of the responsible person, may be included in the certificate.
Also, on generating the certificate, a unit for confirming the group using the certification target, on the basis of communication between the responsible person of the group and the certification target belonging to the group, may further be provided in the certification apparatus.
Also, the signature-target information may include information describing the classification of the signature target. The classification means, for example, the difference between temporary registration and genuine registration, the presence or absence of certification ability, and the like. For example, a friendship group or a task force can be designated as having no certification ability.
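The hierarchical chain of trust described above (a higher level certifying the key used one level down, as in the hierarchical CA of the related art, but here with the responsible person of each group as the nucleus, the group certificate carrying its member list, and a classification that withholds certification ability from, for example, a friendship group) is shown below as an added example in Go. It is not code from the patent. It assumes Ed25519 signatures and a JSON encoding of the signature-target information; the organization (Company, Dev Dept, Hiking Club, Alice, Bob) is constructed sample data. The encrypted shared group key of the preceding paragraphs is not modelled.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// SignatureTarget is the signature-target information: specifying information on the
// certification target, its public key, the group it belongs to, its classification
// (temporary/genuine, certification ability) and, for a group, its member list.
type SignatureTarget struct {
	Subject        string          `json:"subject"`
	SubjectPubKey  []byte          `json:"subject_pub_key"`
	Group          string          `json:"group"`
	Classification string          `json:"classification"` // "temporary" or "genuine"
	CanCertify     bool            `json:"can_certify"`     // false for e.g. a friendship group
	Members        map[string]bool `json:"members,omitempty"`
}

// Certificate is the signature-target information plus the responsible person's signature on it.
type Certificate struct {
	Target    SignatureTarget
	Signature []byte
}

// encode yields deterministic bytes to sign (fixed field order, sorted map keys); Marshal cannot fail here.
func (t SignatureTarget) encode() []byte {
	b, _ := json.Marshal(t)
	return b
}

// Issue generates a certificate: the responsible person of the group signs the
// signature-target information with the private key used for that group.
func Issue(responsiblePriv ed25519.PrivateKey, target SignatureTarget) Certificate {
	return Certificate{Target: target, Signature: ed25519.Sign(responsiblePriv, target.encode())}
}

// VerifyChain walks from the top-level group down to the leaf. The only trust anchor is
// trustedRoot, the public key used by the responsible person of the top-level group. Each
// certificate must verify under the key certified one level up, name that level as its
// group and appear in its member list; each issuing group needs certification ability.
func VerifyChain(trustedRoot ed25519.PublicKey, chain []Certificate) error {
	if len(chain) == 0 {
		return fmt.Errorf("empty chain")
	}
	issuerKey := trustedRoot
	var issuer *SignatureTarget // nil at the top: the root key is known out of band
	for i, c := range chain {
		if len(issuerKey) != ed25519.PublicKeySize || !ed25519.Verify(issuerKey, c.Target.encode(), c.Signature) {
			return fmt.Errorf("certificate %d (%s): signature does not verify", i, c.Target.Subject)
		}
		if issuer != nil {
			if c.Target.Group != issuer.Subject {
				return fmt.Errorf("certificate %d: group %q does not match issuer %q", i, c.Target.Group, issuer.Subject)
			}
			if !issuer.Members[c.Target.Subject] {
				return fmt.Errorf("certificate %d: %q is not a listed member of %q", i, c.Target.Subject, issuer.Subject)
			}
		}
		if i < len(chain)-1 && (c.Target.Classification != "genuine" || !c.Target.CanCertify) {
			return fmt.Errorf("certificate %d: %q has no certification ability", i, c.Target.Subject)
		}
		issuerKey, issuer = c.Target.SubjectPubKey, &chain[i].Target
	}
	return nil
}

func genKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// SampleOrganization builds constructed sample data (not from the patent): Company -> Dev Dept
// -> Alice, and "Hiking Club", a friendship group certified without certification ability.
// It returns the root public key, Alice's valid chain, and a chain that goes via the club.
func SampleOrganization() (root ed25519.PublicKey, viaDept, viaClub []Certificate) {
	rootPub, rootPriv := genKey()
	deptPub, deptPriv := genKey()
	clubPub, clubPriv := genKey()
	alicePub, _ := genKey()
	dept := Issue(rootPriv, SignatureTarget{Subject: "Dev Dept", SubjectPubKey: deptPub, Group: "Company",
		Classification: "genuine", CanCertify: true, Members: map[string]bool{"Alice": true, "Bob": true}})
	club := Issue(rootPriv, SignatureTarget{Subject: "Hiking Club", SubjectPubKey: clubPub, Group: "Company",
		Classification: "genuine", CanCertify: false, Members: map[string]bool{"Alice": true}})
	alice := SignatureTarget{Subject: "Alice", SubjectPubKey: alicePub, Group: "Dev Dept", Classification: "genuine"}
	byDept := Issue(deptPriv, alice)
	alice.Group = "Hiking Club"
	byClub := Issue(clubPriv, alice)
	return rootPub, []Certificate{dept, byDept}, []Certificate{club, byClub}
}

func main() {
	root, viaDept, viaClub := SampleOrganization()
	fmt.Println("via Dev Dept:", VerifyChain(root, viaDept))   // <nil>
	fmt.Println("via Hiking Club:", VerifyChain(root, viaClub)) // error: no certification ability
}
```

The verifier holds only the top-level responsible person's public key; every lower key is learned from a certificate signed one level up, which is what removes the need for a fair third party. The member-list check ties a leaf certificate to the group certificate that lists it, so a key certified by a group cannot be presented under a group it does not belong to.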
Also, through the communication between the responsible person of the group and the certification target belonging to the group, the certification target belonging to the group may receive specifying information on the group and the private key for the group for signing, by means of the private key of the certification target itself.
Also, through the communication between the responsible person of the group and the certification target belonging to the group, the certification target belonging to the group may receive specifying information on the group and the private key for the group for signing, by means of the private key of the certification target itself, and may keep them in such a manner that they are made available.
Also, it goes without saying that the present invention can be implemented both as a method and as a computer program. Also, in place of the confirmation process of the certification target based on communication between the responsible person of the group and the certification target belonging to the group (or a responsible person of the certification target), it is possible to use an existing trust scheme (for example, reuse of a confirmation document that has already been used) and to omit the confirmation process.